[pull] main from containerd:main #56
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Derek McGowan <derek@mcg.dev>
…ithub/codeql-action-4.31.0 build(deps): bump github/codeql-action from 4.30.9 to 4.31.0
Bumps the golang-x group with 1 update: [golang.org/x/time](https://github.com/golang/time). Updates `golang.org/x/time` from 0.9.0 to 0.14.0 - [Commits](golang/time@v0.9.0...v0.14.0) --- updated-dependencies: - dependency-name: golang.org/x/time dependency-version: 0.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com>
api/go.mod: golang.org/x/net v0.38.0
containerd-shim-runc-v2: monitor OOM event after creation
In previous implementation every call would replace the whole query instead of adding to it. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Derek McGowan <derek@mcg.dev>
docker: fix addQuery with multiple calls
…ctions/download-artifact-6.0.0 build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0
…g-x-aef9229409 build(deps): bump golang.org/x/time from 0.9.0 to 0.14.0 in the golang-x group
Improve documentation for mount manager
Update referrers interface to support more options
Avoid unnecessary new configuration and instead cache the info result when first used. Signed-off-by: Derek McGowan <derek@mcg.dev>
Cleanup load shim info
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
Prepare release notes for v2.2.0-rc.0
For issue 12443 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
CI: update Fedora to 43
We should reject commit request if target parent is not committed. Just in case we rebase active snapshot on active one. Signed-off-by: Wei Fu <fuweid89@gmail.com>
Deprecate cgroup v1
snapshot: check parent's kind before commit
- add container_last_seen metrics Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: ChengyuZhu6 <hudson@cyzhu.com>
cri: emit warning for concurrent CreateContainer
opencontainers/runtime-spec#941 added umask field and released with v1.0.2. This commit add the missing helper function for this field. Signed-off-by: Youfu Zhang <zhangyoufu@gmail.com>
pkg/oci: add WithUmask for SpecOpts
EROFS has supported a tiny metadata-only image to reference external blobs since Linux 5.16. This eliminates the need to mount each EROFS layer one by one and is also useful for VM-based containers (e.g. nerdbox and Kata containers.) Similar to LCOW/CimFS, `snapshots.UnpackKeyPrefix` is used to trigger fsmerge generation (typically < 100 ms) on demand in Prepare(). In the future, we can also generate fsmeta in Commit() of the final unpacking layer (by introducing an annotation to keep the chainID). However, in the case of intermediate layer reuse, the Prepare() handling will still be required. ```toml [plugins."io.containerd.snapshotter.v1.erofs"] max_unmerged_layers = 1 # enable fsmerge if image layers >= 2 ``` Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
In the CreateSandbox request, which is part of the Sandbox Controller, we ignored the `Annotations` parameter which could have been set by the caller via `WithAnnotations` option. This commit rectifies the same and adds the Annotations parameter to the request. Signed-off-by: Harsh Rawat <harshrawat@microsoft.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.77.0 to 1.78.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.77.0...v1.78.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.78.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Add support for EROFS fsmerge feature
…e.golang.org/grpc-1.78.0 build(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0
…ithub/codeql-action-4.31.9 build(deps): bump github/codeql-action from 4.31.8 to 4.31.9
…ctions/attest-build-provenance-3.1.0 build(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0
…ocker/setup-buildx-action-3.12.0 build(deps): bump docker/setup-buildx-action from 3.11.1 to 3.12.0
Set annotations parameter in CreateSandbox request
simplify selinux dependency in client
Signed-off-by: Anuj Singh <singholt@amazon.com>
cri: update log level to warn for CNI load failure during CRI init
images: add EROFS layer media type
- add k8s 1.35 into support matrix - remove k8s 1.31 as its EOL in Nov 2025 - 2.0 is removed from the supported list as it was EOL when 1.35 released Co-authored-by: Mike Brown <brownwm@us.ibm.com> Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Error strings should not be capitalized (unless beginning with proper nouns or acronyms) or end with punctuation, per Go style guide and staticcheck ST1005. This change lowercases the first letter of error messages in fmt.Errorf calls throughout the codebase, while preserving uppercase for acronyms at the start of error strings (e.g., NRI, RDT, CDI, UID, GID, VHD, FUSE). Also fixes typo 'faild' -> 'failed' in resolver_test.go. Changes: - core/metadata: target.Digest, target.Size, target.MediaType - core/remotes/docker: fetcher.Seek, fetcherByDigest - integration: various test error messages - internal/cri/server: containerConfig - plugins/snapshots: erofs Fixes #12011 Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com>
doc: add k8s 1.35 to support matrix
Simplify/Cleanup unit tests
Fix ST1005 lint violations: lowercase error strings
The OOM handling code is intended to live under pkg/oom/v2. However, the cgroupv2 package still needs further refinement, such as exporting the cgroup path and allowing callers to query specific stats instead of returning all of them. Until that work is complete, introduce the OOM package as experimental and place it under containerd-shim-runc-v2. Signed-off-by: Wei Fu <fuweid89@gmail.com>
We should always send oom event before exit event. Signed-off-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
The test was validated locally by running 100 pods for 100 rounds without observing any failures. Due to limited resources in the CI environment, the test parameters were reduced to 8 pods and 10 rounds. ```bash FOCUS=TestOOMEventMonitor CGROUP_DRIVER=cgroupfs taskset -c 0,1 make cri-integration | tee /tmp/log ``` Signed-off-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
*: update OOMKilled event handling
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )